diff options
-rw-r--r-- | sys-power/nut/files/nut-openssl-1.1-support.patch | 333 | ||||
-rw-r--r-- | sys-power/nut/nut-2.7.4-r3.ebuild | 297 |
2 files changed, 630 insertions, 0 deletions
diff --git a/sys-power/nut/files/nut-openssl-1.1-support.patch b/sys-power/nut/files/nut-openssl-1.1-support.patch new file mode 100644 index 000000000000..71e1bf47f1b9 --- /dev/null +++ b/sys-power/nut/files/nut-openssl-1.1-support.patch @@ -0,0 +1,333 @@ +From da1f5aa699f54e0f6977ab64a3bc2f90a51c3104 Mon Sep 17 00:00:00 2001 +From: Arjen de Korte <build+lede@de-korte.org> +Date: Mon, 27 Nov 2017 21:10:13 +0100 +Subject: [PATCH 1/7] Add support for openssl-1.1.0 + +--- + clients/upsclient.c | 4 ++++ + m4/nut_check_libopenssl.m4 | 5 +++-- + server/netssl.c | 4 ++++ + 3 files changed, 11 insertions(+), 2 deletions(-) + +diff --git a/clients/upsclient.c b/clients/upsclient.c +index b90587b00..fc5e7523c 100644 +--- a/clients/upsclient.c ++++ b/clients/upsclient.c +@@ -316,7 +316,11 @@ int upscli_init(int certverify, const char *certpath, + + #ifdef WITH_OPENSSL + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + SSL_library_init(); ++#else ++ OPENSSL_init_ssl(0, NULL); ++#endif + SSL_load_error_strings(); + + ssl_method = TLSv1_client_method(); +diff --git a/m4/nut_check_libopenssl.m4 b/m4/nut_check_libopenssl.m4 +index 1b875077b..5f29f4a38 100644 +--- a/m4/nut_check_libopenssl.m4 ++++ b/m4/nut_check_libopenssl.m4 +@@ -57,8 +57,9 @@ if test -z "${nut_have_libopenssl_seen}"; then + AC_MSG_RESULT([${LIBS}]) + + dnl check if openssl is usable +- AC_CHECK_HEADERS(openssl/ssl.h, [nut_have_openssl=yes], [nut_have_openssl=no], [AC_INCLUDES_DEFAULT]) +- AC_CHECK_FUNCS(SSL_library_init, [], [nut_have_openssl=no]) ++ AC_CHECK_FUNCS(OPENSSL_init_ssl, [nut_have_openssl=yes], [nut_have_openssl=no]) ++ AC_CHECK_FUNCS(SSL_library_init, [nut_have_openssl=yes], []) ++ AC_CHECK_HEADERS(openssl/ssl.h, [], [nut_have_openssl=no], [AC_INCLUDES_DEFAULT]) + + if test "${nut_have_openssl}" = "yes"; then + nut_with_ssl="yes" +diff --git a/server/netssl.c b/server/netssl.c +index c2f409899..0f9a70acf 100644 +--- a/server/netssl.c ++++ b/server/netssl.c +@@ -388,7 +388,11 @@ void ssl_init(void) + #ifdef WITH_OPENSSL + + SSL_load_error_strings(); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + SSL_library_init(); ++#else ++ OPENSSL_init_ssl(0, NULL); ++#endif + + if ((ssl_method = TLSv1_server_method()) == NULL) { + ssl_debug(); + +From b15656efb2575647ca0e0b6439b6380373767b8f Mon Sep 17 00:00:00 2001 +From: Arjen de Korte <build+lede@de-korte.org> +Date: Tue, 28 Nov 2017 20:00:52 +0100 +Subject: [PATCH 2/7] Allow TLSv1 and higher (not just TLSv1) + +--- + clients/upsclient.c | 30 +++++++++++++++++------------- + server/netssl.c | 26 +++++++++++++++----------- + 2 files changed, 32 insertions(+), 24 deletions(-) + +diff --git a/clients/upsclient.c b/clients/upsclient.c +index fc5e7523c..bd951e854 100644 +--- a/clients/upsclient.c ++++ b/clients/upsclient.c +@@ -299,11 +299,6 @@ int upscli_init(int certverify, const char *certpath, + { + #ifdef WITH_OPENSSL + int ret, ssl_mode = SSL_VERIFY_NONE; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L +- const SSL_METHOD *ssl_method; +-#else +- SSL_METHOD *ssl_method; +-#endif + #elif defined(WITH_NSS) /* WITH_OPENSSL */ + SECStatus status; + #endif /* WITH_OPENSSL | WITH_NSS */ +@@ -315,26 +310,35 @@ int upscli_init(int certverify, const char *certpath, + } + + #ifdef WITH_OPENSSL ++ ++ SSL_load_error_strings(); + + #if OPENSSL_VERSION_NUMBER < 0x10100000L + SSL_library_init(); ++ ++ ssl_ctx = SSL_CTX_new(SSLv23_client_method()); + #else + OPENSSL_init_ssl(0, NULL); +-#endif +- SSL_load_error_strings(); + +- ssl_method = TLSv1_client_method(); +- +- if (!ssl_method) { +- return 0; +- } ++ ssl_ctx = SSL_CTX_new(TLS_client_method()); ++#endif + +- ssl_ctx = SSL_CTX_new(ssl_method); + if (!ssl_ctx) { + upslogx(LOG_ERR, "Can not initialize SSL context"); + return -1; + } + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ /* set minimum protocol TLSv1 */ ++ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); ++#else ++ ret = SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION); ++ if (ret != 1) { ++ upslogx(LOG_ERR, "Can not set minimum protocol to TLSv1"); ++ return -1; ++ } ++#endif ++ + if (!certpath) { + if (certverify == 1) { + upslogx(LOG_ERR, "Can not verify certificate if any is specified"); +diff --git a/server/netssl.c b/server/netssl.c +index 0f9a70acf..98680d25e 100644 +--- a/server/netssl.c ++++ b/server/netssl.c +@@ -371,13 +371,7 @@ void ssl_init(void) + { + #ifdef WITH_NSS + SECStatus status; +-#elif defined(WITH_OPENSSL) +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L +- const SSL_METHOD *ssl_method; +-#else +- SSL_METHOD *ssl_method; +-#endif +-#endif /* WITH_NSS|WITH_OPENSSL */ ++#endif /* WITH_NSS */ + + if (!certfile) { + return; +@@ -388,21 +382,31 @@ void ssl_init(void) + #ifdef WITH_OPENSSL + + SSL_load_error_strings(); ++ + #if OPENSSL_VERSION_NUMBER < 0x10100000L + SSL_library_init(); ++ ++ ssl_ctx = SSL_CTX_new(SSLv23_server_method()); + #else + OPENSSL_init_ssl(0, NULL); ++ ++ ssl_ctx = SSL_CTX_new(TLS_server_method()); + #endif + +- if ((ssl_method = TLSv1_server_method()) == NULL) { ++ if (!ssl_ctx) { + ssl_debug(); +- fatalx(EXIT_FAILURE, "TLSv1_server_method failed"); ++ fatalx(EXIT_FAILURE, "SSL_CTX_new failed"); + } + +- if ((ssl_ctx = SSL_CTX_new(ssl_method)) == NULL) { ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ /* set minimum protocol TLSv1 */ ++ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); ++#else ++ if (SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION) != 1) { + ssl_debug(); +- fatalx(EXIT_FAILURE, "SSL_CTX_new failed"); ++ fatalx(EXIT_FAILURE, "SSL_CTX_set_min_proto_version(TLS1_VERSION)"); + } ++#endif + + if (SSL_CTX_use_certificate_chain_file(ssl_ctx, certfile) != 1) { + ssl_debug(); + +From 5a8308aef9884017754fb70620c8ded34fa44290 Mon Sep 17 00:00:00 2001 +From: Arjen de Korte <build+lede@de-korte.org> +Date: Tue, 28 Nov 2017 22:01:41 +0100 +Subject: [PATCH 3/7] Fix check for empty string + +--- + clients/upssched.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/clients/upssched.c b/clients/upssched.c +index 97b3ed42d..3fdf118ed 100644 +--- a/clients/upssched.c ++++ b/clients/upssched.c +@@ -794,7 +794,7 @@ static void parse_at(const char *ntype, const char *un, const char *cmd, + } + + if (!strcmp(cmd, "EXECUTE")) { +- if (ca1 == '\0') { ++ if (ca1[0] == '\0') { + upslogx(LOG_ERR, "Empty EXECUTE command argument"); + return; + } + +From 5ecfb0ffe3d89a5116dd287ff2c3f60de67ecbb9 Mon Sep 17 00:00:00 2001 +From: Arjen de Korte <build+github@de-korte.org> +Date: Fri, 1 Dec 2017 12:24:00 +0100 +Subject: [PATCH 4/7] Report TLS handshake in debug mode + +--- + clients/upsclient.c | 2 +- + server/netssl.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/clients/upsclient.c b/clients/upsclient.c +index bd951e854..b7dd8f424 100644 +--- a/clients/upsclient.c ++++ b/clients/upsclient.c +@@ -745,7 +745,7 @@ static int upscli_sslinit(UPSCONN_t *ups, int verifycert) + switch(res) + { + case 1: +- upsdebugx(3, "SSL connected"); ++ upsdebugx(3, "SSL connected (%s)", SSL_get_version(ups->ssl)); + break; + case 0: + upslog_with_errno(1, "SSL_connect do not accept handshake."); +diff --git a/server/netssl.c b/server/netssl.c +index 98680d25e..6ae13e8d3 100644 +--- a/server/netssl.c ++++ b/server/netssl.c +@@ -275,7 +275,7 @@ void net_starttls(nut_ctype_t *client, int numarg, const char **arg) + { + case 1: + client->ssl_connected = 1; +- upsdebugx(3, "SSL connected"); ++ upsdebugx(3, "SSL connected (%s)", SSL_get_version(client->ssl)); + break; + + case 0: + +From ab0c8b41c0530d3706e4997257939026cfd29ccc Mon Sep 17 00:00:00 2001 +From: Arjen de Korte <build+github@de-korte.org> +Date: Sun, 24 Feb 2019 18:31:21 +0100 +Subject: [PATCH 5/7] Update nut_check_libopenssl.m4 + +--- + m4/nut_check_libopenssl.m4 | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/m4/nut_check_libopenssl.m4 b/m4/nut_check_libopenssl.m4 +index 5f29f4a38..7eb401cd9 100644 +--- a/m4/nut_check_libopenssl.m4 ++++ b/m4/nut_check_libopenssl.m4 +@@ -57,9 +57,8 @@ if test -z "${nut_have_libopenssl_seen}"; then + AC_MSG_RESULT([${LIBS}]) + + dnl check if openssl is usable +- AC_CHECK_FUNCS(OPENSSL_init_ssl, [nut_have_openssl=yes], [nut_have_openssl=no]) +- AC_CHECK_FUNCS(SSL_library_init, [nut_have_openssl=yes], []) +- AC_CHECK_HEADERS(openssl/ssl.h, [], [nut_have_openssl=no], [AC_INCLUDES_DEFAULT]) ++ AC_CHECK_HEADERS(openssl/ssl.h, [nut_have_openssl=yes], [nut_have_openssl=no], [AC_INCLUDES_DEFAULT]) ++ AC_CHECK_FUNCS(SSL_CTX_new, [], [nut_have_openssl=no]) + + if test "${nut_have_openssl}" = "yes"; then + nut_with_ssl="yes" + +From 1dc34a5da7308f0f85537a6761fefb3ff3098863 Mon Sep 17 00:00:00 2001 +From: Arjen de Korte <build+github@de-korte.org> +Date: Sun, 24 Feb 2019 18:34:53 +0100 +Subject: [PATCH 6/7] Update upsclient.c + +--- + clients/upsclient.c | 5 +---- + 1 file changed, 1 insertion(+), 4 deletions(-) + +diff --git a/clients/upsclient.c b/clients/upsclient.c +index b7dd8f424..541664f36 100644 +--- a/clients/upsclient.c ++++ b/clients/upsclient.c +@@ -311,15 +311,12 @@ int upscli_init(int certverify, const char *certpath, + + #ifdef WITH_OPENSSL + +- SSL_load_error_strings(); +- + #if OPENSSL_VERSION_NUMBER < 0x10100000L ++ SSL_load_error_strings(); + SSL_library_init(); + + ssl_ctx = SSL_CTX_new(SSLv23_client_method()); + #else +- OPENSSL_init_ssl(0, NULL); +- + ssl_ctx = SSL_CTX_new(TLS_client_method()); + #endif + + +From 108c31c9b170da2ee34a25fd373d21837d4d10a3 Mon Sep 17 00:00:00 2001 +From: Arjen de Korte <build+github@de-korte.org> +Date: Sun, 24 Feb 2019 18:37:42 +0100 +Subject: [PATCH 7/7] Update netssl.c + +--- + server/netssl.c | 5 +---- + 1 file changed, 1 insertion(+), 4 deletions(-) + +diff --git a/server/netssl.c b/server/netssl.c +index 6ae13e8d3..cf9419edf 100644 +--- a/server/netssl.c ++++ b/server/netssl.c +@@ -381,15 +381,12 @@ void ssl_init(void) + + #ifdef WITH_OPENSSL + +- SSL_load_error_strings(); +- + #if OPENSSL_VERSION_NUMBER < 0x10100000L ++ SSL_load_error_strings(); + SSL_library_init(); + + ssl_ctx = SSL_CTX_new(SSLv23_server_method()); + #else +- OPENSSL_init_ssl(0, NULL); +- + ssl_ctx = SSL_CTX_new(TLS_server_method()); + #endif + diff --git a/sys-power/nut/nut-2.7.4-r3.ebuild b/sys-power/nut/nut-2.7.4-r3.ebuild new file mode 100644 index 000000000000..5364ad86e5cd --- /dev/null +++ b/sys-power/nut/nut-2.7.4-r3.ebuild @@ -0,0 +1,297 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python2_7 ) +inherit autotools bash-completion-r1 desktop fixheadtails flag-o-matic python-single-r1 systemd toolchain-funcs user + +MY_P=${P/_/-} + +DESCRIPTION="Network-UPS Tools" +HOMEPAGE="https://www.networkupstools.org/" +SRC_URI="https://networkupstools.org/source/${PV%.*}/${MY_P}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~x86 ~x86-fbsd" + +IUSE="cgi gui ipmi snmp +usb selinux ssl tcpd xml zeroconf" +REQUIRED_USE="gui? ( ${PYTHON_REQUIRED_USE} )" + +DEPEND=" + dev-libs/libltdl:* + net-libs/libnsl + virtual/udev + cgi? ( >=media-libs/gd-2[png] ) + gui? ( dev-python/pygtk[${PYTHON_USEDEP}] ) + ipmi? ( sys-libs/freeipmi ) + snmp? ( net-analyzer/net-snmp ) + ssl? ( >=dev-libs/openssl-1:= ) + tcpd? ( sys-apps/tcp-wrappers ) + usb? ( virtual/libusb:0= ) + xml? ( >=net-libs/neon-0.25.0 ) + zeroconf? ( net-dns/avahi )" + +BDEPEND=" + virtual/pkgconfig + >=sys-apps/sed-4" + +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-nut )" + +S="${WORKDIR}/${MY_P}" + +# Bug #480664 requested UPS_DRIVERS_IUSE for more flexibility in building this package +SERIAL_DRIVERLIST="al175 bcmxcp belkin belkinunv bestfcom bestfortress bestuferrups bestups dummy-ups etapro everups gamatronic genericups isbmex liebert liebert-esp2 masterguard metasys oldmge-shut mge-utalk microdowell mge-shut oneac optiups powercom rhino safenet solis tripplite tripplitesu upscode2 victronups powerpanel blazer_ser clone clone-outlet ivtscd apcsmart apcsmart-old apcupsd-ups riello_ser nutdrv_qx" +SNMP_DRIVERLIST="snmp-ups" +USB_LIBUSB_DRIVERLIST="usbhid-ups bcmxcp_usb tripplite_usb blazer_usb richcomm_usb riello_usb nutdrv_qx" +USB_DRIVERLIST=${USB_LIBUSB_DRIVERLIST} +#HAL_DRIVERLIST="usbhid-ups bcmxcp_usb tripplite_usb blazer_usb riello_usb nutdrv_qx" +NEONXML_DRIVERLIST="netxml-ups" +IPMI_DRIVERLIST="nut-ipmipsu" +# Now we build from it: +for name in ${SERIAL_DRIVERLIST} ; do + IUSE_UPS_DRIVERS="${IUSE_UPS_DRIVERS} +ups_drivers_${name}" +done +for name in ${USB_DRIVERLIST} ; do + IUSE_UPS_DRIVERS="${IUSE_UPS_DRIVERS} +ups_drivers_${name}" + REQUIRED_USE="${REQUIRED_USE} ups_drivers_${name}? ( usb )" +done +for name in ${NEONXML_DRIVERLIST}; do + IUSE_UPS_DRIVERS="${IUSE_UPS_DRIVERS} ups_drivers_${name}" + REQUIRED_USE="${REQUIRED_USE} ups_drivers_${name}? ( xml )" +done +for name in ${SNMP_DRIVERLIST} ; do + IUSE_UPS_DRIVERS="${IUSE_UPS_DRIVERS} ups_drivers_${name}" + REQUIRED_USE="${REQUIRED_USE} ups_drivers_${name}? ( snmp )" +done +for name in ${IPMI_DRIVERLIST} ; do + IUSE_UPS_DRIVERS="${IUSE_UPS_DRIVERS} ups_drivers_${name}" + REQUIRED_USE="${REQUIRED_USE} ups_drivers_${name}? ( ipmi )" +done +IUSE="${IUSE} ${IUSE_UPS_DRIVERS}" + +# public files should be 644 root:root +NUT_PUBLIC_FILES="/etc/nut/{ups,upssched}.conf" +# private files should be 640 root:nut - readable by nut, writeable by root, +NUT_PRIVATE_FILES="/etc/nut/{upsd.conf,upsd.users,upsmon.conf}" +# public files should be 644 root:root, only installed if USE=cgi +NUT_CGI_FILES="/etc/nut/{{hosts,upsset}.conf,upsstats{,-single}.html}" + +PATCHES=( + "${FILESDIR}/${PN}-2.7.2-no-libdummy.patch" + "${FILESDIR}/${PN}-2.7.1-snmpusb-order.patch" + "${FILESDIR}/${PN}-2.6.2-lowspeed-buffer-size.patch" + "${FILESDIR}/nut-openssl-1.1-support.patch" +) + +pkg_setup() { + enewgroup nut 84 + enewuser nut 84 -1 /var/lib/nut nut,uucp + # As of udev-104, NUT must be in uucp and NOT in tty. + gpasswd -d nut tty 2>/dev/null + gpasswd -a nut uucp 2>/dev/null + # in some cases on old systems it wasn't in the nut group either! + gpasswd -a nut nut 2>/dev/null + warningmsg ewarn + use gui && python-single-r1_pkg_setup +} + +src_prepare() { + default + + sed -e "s:GD_LIBS.*=.*-L/usr/X11R6/lib \(.*\) -lXpm -lX11:GD_LIBS=\"\1:" \ + -e '/systemdsystemunitdir=.*echo.*sed.*libdir/s,^,#,g' \ + -i configure.ac || die + + sed -e "s:52.nut-usbups.rules:70-nut-usbups.rules:" \ + -i scripts/udev/Makefile.am || die + + rm ltmain.sh m4/lt* m4/libtool.m4 || die + + sed -e 's:@LIBSSL_LDFLAGS@:@LIBSSL_LIBS@:' \ + -i lib/libupsclient{.pc,-config}.in || die #361685 + + use gui && eapply "${FILESDIR}"/NUT-Monitor-1.3-paths.patch + + eautoreconf +} + +src_configure() { + local myconf + append-flags -fno-lto + tc-export CC + tc-export CXX + tc-export AR + + local UPS_DRIVERS="" + for u in $USE ; do + u2=${u#ups_drivers_} + [[ "${u}" != "${u2}" ]] && UPS_DRIVERS="${UPS_DRIVERS} ${u2}" + done + UPS_DRIVERS="${UPS_DRIVERS# }" UPS_DRIVERS="${UPS_DRIVERS% }" + myconf="${myconf} --with-drivers=${UPS_DRIVERS// /,}" + + use cgi && myconf="${myconf} --with-cgipath=/usr/share/nut/cgi" + + # TODO: USE flag for sys-power/powerman + econf \ + --sysconfdir=/etc/nut \ + --datarootdir=/usr/share/nut \ + --datadir=/usr/share/nut \ + --disable-static \ + --with-statepath=/var/lib/nut \ + --with-drvpath=/$(get_libdir)/nut \ + --with-htmlpath=/usr/share/nut/html \ + --with-user=nut \ + --with-group=nut \ + --with-logfacility=LOG_DAEMON \ + --with-dev \ + --with-serial \ + --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \ + --without-powerman \ + $(use_with cgi) \ + $(use_with ipmi) \ + $(use_with ipmi freeipmi) \ + $(use_with snmp) \ + $(use_with ssl) \ + $(use_with tcpd wrap) \ + $(use_with usb) \ + $(use_with xml neon) \ + $(use_with zeroconf avahi) \ + ${myconf} +} + +src_install() { + emake DESTDIR="${D}" install + + find "${D}" -name '*.la' -delete || die + + dodir /sbin + dosym ../usr/sbin/upsdrvctl /sbin/upsdrvctl + + if use cgi; then + elog "CGI monitoring scripts are installed in /usr/share/nut/cgi." + elog "copy them to your web server's ScriptPath to activate (this is a" + elog "change from the old location)." + elog "If you use lighttpd, see lighttpd_nut.conf in the documentation." + fi + + if use gui; then + python_fix_shebang scripts/python/app + python_domodule scripts/python/module/PyNUT.py + python_doscript scripts/python/app/NUT-Monitor + + insinto /usr/share/nut + doins scripts/python/app/gui-1.3.glade + + dodir /usr/share/nut/pixmaps + insinto /usr/share/nut/pixmaps + doins scripts/python/app/pixmaps/* + + sed -i -e 's/nut-monitor.png/nut-monitor/' -e 's/Application;//' \ + scripts/python/app/${PN}-monitor.desktop || die + + doicon scripts/python/app/${PN}-monitor.png + domenu scripts/python/app/${PN}-monitor.desktop + fi + + # this must be done after all of the install phases + for i in "${D}"/etc/nut/*.sample ; do + mv "${i}" "${i/.sample/}" || die + done + + local DOCS=( AUTHORS ChangeLog docs/*.txt MAINTAINERS NEWS README TODO UPGRADING ) + einstalldocs + + newdoc lib/README README.lib + newdoc "${FILESDIR}"/lighttpd_nut.conf-2.2.0 lighttpd_nut.conf + + docinto cables + dodoc docs/cables/* + + newinitd "${FILESDIR}"/nut-2.6.5-init.d-upsd upsd + newinitd "${FILESDIR}"/nut-2.2.2-init.d-upsdrv upsdrv + newinitd "${FILESDIR}"/nut-2.6.5-init.d-upsmon upsmon + newinitd "${FILESDIR}"/nut-2.6.5-init.d-upslog upslog + newinitd "${FILESDIR}"/nut.powerfail.initd nut.powerfail + + keepdir /var/lib/nut + + einfo "Setting up permissions on files and directories" + fperms 0700 /var/lib/nut + fowners nut:nut /var/lib/nut + + # Do not remove eval here, because the variables contain shell expansions. + eval fperms 0640 ${NUT_PRIVATE_FILES} + eval fowners root:nut ${NUT_PRIVATE_FILES} + + # Do not remove eval here, because the variables contain shell expansions. + eval fperms 0644 ${NUT_PUBLIC_FILES} + eval fowners root:root ${NUT_PUBLIC_FILES} + + # Do not remove eval here, because the variables contain shell expansions. + if use cgi; then + eval fperms 0644 ${NUT_CGI_FILES} + eval fowners root:root ${NUT_CGI_FILES} + fi + + # this is installed for 2.4 and fbsd guys + if ! has_version virtual/udev; then + einfo "Installing non-udev hotplug support" + insinto /etc/hotplug/usb + insopts -m 755 + doins scripts/hotplug/nut-usbups.hotplug + fi + + newbashcomp "${S}"/scripts/misc/nut.bash_completion upsc + bashcomp_alias upsc upscmd upsd upsdrvctl upsmon upsrw +} + +pkg_postinst() { + # this is to ensure that everybody that installed old versions still has + # correct permissions + + chown nut:nut "${ROOT}"/var/lib/nut 2>/dev/null + chmod 0700 "${ROOT}"/var/lib/nut 2>/dev/null + + # Do not remove eval here, because the variables contain shell expansions. + eval chown root:nut "${ROOT}"${NUT_PRIVATE_FILES} 2>/dev/null + eval chmod 0640 "${ROOT}"${NUT_PRIVATE_FILES} 2>/dev/null + + # Do not remove eval here, because the variables contain shell expansions. + eval chown root:root "${ROOT}"${NUT_PUBLIC_FILES} 2>/dev/null + eval chmod 0644 "${ROOT}"${NUT_PUBLIC_FILES} 2>/dev/null + + # Do not remove eval here, because the variables contain shell expansions. + if use cgi; then + eval chown root:root "${ROOT}"${NUT_CGI_FILES} 2>/dev/null + eval chmod 0644 "${ROOT}"${NUT_CGI_FILES} 2>/dev/null + fi + + warningmsg elog +} + +warningmsg() { + msgfunc="$1" + [ -z "$msgfunc" ] && die "msgfunc not specified in call to warningmsg!" + ${msgfunc} "Please note that NUT now runs under the 'nut' user." + ${msgfunc} "NUT is in the uucp group for access to RS-232 UPS." + ${msgfunc} "However if you use a USB UPS you may need to look at the udev or" + ${msgfunc} "hotplug rules that are installed, and alter them suitably." + ${msgfunc} '' + ${msgfunc} "You are strongly advised to read the UPGRADING file provided by upstream." + ${msgfunc} '' + ${msgfunc} "Please note that upsdrv is NOT automatically started by upsd anymore." + ${msgfunc} "If you have multiple UPS units, you can use their NUT names to" + ${msgfunc} "have a service per UPS:" + ${msgfunc} "ln -s /etc/init.d/upsdrv /etc/init.d/upsdrv.\$UPSNAME" + ${msgfunc} '' + ${msgfunc} 'If you want apcupsd to power off your UPS when it' + ${msgfunc} 'shuts down your system in a power failure, you must' + ${msgfunc} 'add nut.powerfail to your shutdown runlevel:' + ${msgfunc} '' + ${msgfunc} 'rc-update add nut.powerfail shutdown' + ${msgfunc} '' + +} |